Vendor provided NAS provides the basis for remote field offices to backup and port their most essential files across devices.

Team Members

Tagged MSPs

Categories

Construction and sales users are among the worst when it comes to understanding the IT resources they require for their daily operations. In the past 10 years, we have been exceptionally lucky in that not a one of their remotely situated systems has caused permanent data loss for them. There have been a few close calls and simple recovery work has gotten us past them, but to date, no one has simply lost their entire drive contents without any form of useful data backups.

Therein lies the rub. Our frugal corporate office does not pay for adequate bandwidth to remotely manage or storage to backup all of our remote systems, but a recent visit to a Synology vendor event changed the landscape when they gave us a free DiskStation NAS. We already use one for local network backups of the desktops at corporate which gave me the idea that while we couldn't get enough storage density for full system backups, we could make a substantial amount of storage per user available for document/folder backups.

Synology Cloud Station takes that idea one step further and offers device portability for your files. The problems: Lack of experience with the Cloud Station product, highly complicated IDS/IPS/Firewall systems, and untrained users that must roll their own client setups for the most part.

At the network boundary, I added a port to our Firewall to handle the Diskstation as a segregated network where I might add future Internet facing services/servers down the road. The Cloud Station package was added to the Disk Station and configured while the Firewall remained open for outbound comms and all comms across the other ports. Once configured and initial clients fielded and tested. The firewall was locked down to only necessary administrative and email communications across local segments and only QuickConnect Server and CloudStation client communications across the WAN. Additional firewall rules were added to the Synology itself regarding administrative access and all services except Cloud Station were denied remote access with the exception of a single administrative IP.

Documentation for installing client software was put together and sent out with credentials to follow. A CSV file with those names and passwords was crafted and imported into the DiskStation to create the accounts. The DiskStation also handled emailing these credentials to each user, but lacked any detailed information on access. Now our field personnel have access to 100GB each of portable file storage that can also serve as an excellent document backup repository which, OBTW is now visible from corporate for no more than the cost of two 6TB hard drives and a day of my work.